It's time to expose my ignorance again, hopefully to cure some of it. On Mon, Nov 17, 2014 at 12:02:07PM -0500, Robert J. Hansen wrote: > > But sorry, I disagree a little bit. If we want literally to jam the > > secret service's attempts to decrypt mails, then it makes sense to use > > encryption for every single mail, private, business, nonsense and spam.... > > This would have the ultimate effect of destroying email as a platform. > Email works as well as it does -- as well as fails so miserably in other > ways -- largely *because* it's open to inspection. > > As an example, pervasive end-to-end encryption would require antispam > defenses to move to the client rather than being deployed at the > mailserver or relay. This would essentially be tantamount to giving up, > since there are no really effective client-side antispam measures.
Would this not at the same time make it simple for MUAs to discover that "this message is not from anyone you say you know. Delete without reading?" Because to decrypt the SPAM, you need the public key, which is identifiable. Even if the spammers lie, well, it's from no one you know, or it's verifiably *not* from who the sender claims to be. > Similarly, it would assist in the spread of malware and viruses and for > the same reasons. If a mailserver can't inspect the email, it can't > recognize malware and quarantine it for the health of the internet. Again, if it's provably from no one you say that you trust, the MUA could refuse to execute runnable content without explicit permission. (Which I say should be the normal and only setting for all content, but I know I'm a crank.) I can also say that, so far as I know, the principal effect of MTA-based antivirus in my life is to prevent me consciously emailing known innocuous code that I wrote to people who ask for it. So I for one wouldn't miss it. That's selfish of me, of course. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
